QUOTE: Cybersecurity researchers slammed HealthCare.gov’s security during a House hearing on Thursday morning, saying the site is still riddled with problems that could put consumers’ sensitive health details at risk. “The reason we’re concluding that this is so shockingly bad is that the issues across the site are so varied,” David Kennedy, founder of the information security firm TrustedSec, told NBC News. “You don’t even have to hack into the system to see big issues – which means there are [major problems] underneath.”

Kennedy was the first of a group of so-called “white-hat hackers” who testified before the House of Representatives Science Committee on Thursday. He previously appeared before the committee on November 19, when he said he was able to identify 18 major issues with the site – without even hacking into it. “Nothing’s really changed since our November 19 testimony,” Kennedy said during the hearing. “In fact, it’s worse.” Only half of one of those 18 issues on HealthCare.gov has been fixed since that November meeting, Kennedy said, and he has since learned of more problems with the site. A separate House Oversight committee hearing began Thursday morning with testimony expected from the Department of Health and Human Service’s chief information security officer.